As privacy does
indeed matter... as it's not about secrecy (e.g., I have nothing to hide...),
but anonymity of decisions -- YOURS!

As some know, this is what our Cyber Model for PbD will
facilitate - With existing products that will make this work now (to a large
extent...)... both for USERs and companies mandated to
protect privacy under current statutes.. be they PII, HIPAA, CPI, etc.. Leveraging the OASIS SW SE PbD specs, etc.. (and our approach will work in more global /
EU environments as well..)

We're submitting a DHS white paper iso of their BAA
proposals on same.. to help integrate the it all in a "SoS" environment....
see below info

Speaking at the Hope X conference taking place in New York
this weekend, NSA whistleblower Edward Snowden put out a call for developers to
build systems that protect privacy and constitutional rights by design. He also
revealed his own intention to work on developing privacy protecting technology.
Responding to a question about what people working in technology can do to
counteract dragnet, overreaching surveillance, Snowden said encryption is an
“important first step”. But he added that simply securing the content of
communications is not in itself enough. New privacy-protecting protocols and
infrastructures need to be designed. “It
doesn’t end at encryption it starts at encryption,” said Snowden. “Encryption
protects the content but we forget about associations… ETC.. ... more in article

So how does one start to
protect critical data and associated privacy aspects with many of the privacy
environmental variables themselves in flux?
We need a global privacy framework to design and measure to within a
unified, integrated open privacy enterprise architecture (EA). Given the varied
privacy requirements, we developed our cyber model for privacy around the seven
major principles in the existing, international Privacy by Design (PbD)
initiative (also mapping the seven principles to the NIST 800-53a Appendix J’s
24 privacy controls therein). Thus our cyber model for PbD (C4P) will
inherently address the major privacy protection and control aspects from the
start, eventually encapsulating the data security attributes and making them
relatively agnostic to the ongoing global privacy environment churn.

Current PET methods are
generally device centric and not integrated as part of an overall enterprise
systems of systems (SoS) architecture foundation. Hence current privacy
products and services cannot work in multiple environments or scale – in a
continuum from one end device to another, likely different, end device. The
essence of our C4P approach is to develop an open privacy foundation EA using a
service-based “platform as a service” cloud construct applying data-centric
security methods which are integrated into a SoS EA using existing commercial
products (COTs). The proposal is to integrate these initial COTs abilities into
a fully functioning, enterprise, end-to-end, privacy platform by developing and
documenting a common open privacy framework (OPF); thus enabling plug and play
privacy capabilities to enhance usability, reuse, and innovation insertion
within a trusted environment. Our OPF
framework leverages, aligns with and is integrated with NIST’s RMF (Risk
Management Framework) and CSF (CyberSecurity Framework) for a balanced
foundational approach.